<?php
include("../../includes/config.php");
include("../../includes/db.php");
if (isset($_COOKIE["user"]))
{
$author = $_COOKIE["user"];
$query = "SELECT * FROM users WHERE status='2'";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {
if ($_COOKIE["user"] == $row['username'])
{
if ($_COOKIE["pass"] ==  $row["password"])
{
include("../../includes/head.php");
include("../../includes/nav.php");
?>
<form method="post">
<table border="0" align="center" valign="middle">
<tr>
<td colspan="2">
<center><b>Post A News Article</b></center><hr>
</td>
</tr>
<tr>
<td>
<label>Title:</label>
</td>
<td>
<input name="title" type="text">
</td>
</tr>
<tr>
<td>
<label>Message:</label>
</td>
<td>
<textarea name="message"></textarea>
</td>
</tr>
<tr>
<td colspan="2">
<div align="center"><input type="submit" name="submit" value="Submit"></div> 
</td>
</tr>
</table>
<br>
<br>
<br>
<?
include("../../includes/foot.php");
if ($_POST['submit'] == "Submit")
{
$title = $_POST['title'];
$message = $_POST['message'];
$date = date('l dS \of F Y h:i:s A');
$get = "INSERT INTO news VALUES ('','$title', '$message', '$date', '$author')";
$get2 = mysql_query($get) or die(mysql_error());
echo "News Article Posted";
}
}
}
}
}
else
{
echo "Access Denied";
}
